WannaCry Is Really Giving Us Something to Cry About

shutterstock_639957607

On Friday, May 12th, 2017 computer users around the world suddenly found themselves victims of the largest ransomware attack in history. In a matter of hours, the appropriately-named ‘WannaCry’ had spread and left havoc in its wake.

So far over 75,000 attacks in over 100 countries have been documented, with even major global brands like FedEx falling victim. This outbreak is the latest in an ever-growing threat of ransomware across the world.

Here’s the skinny about WannaCry, and some information on how to protect yourself from future ransomware attacks. By taking some basic safety measures, and by arming yourself with a proper VPN, you can save yourself from a nightmare experience that has ruined many lives already.

WannaCry is a ransomware program that targets a vulnerability in the Server Message Block protocols used by Microsoft Windows computers. That sounds techy and confusing, but basically it’s just a mechanism Windows uses to communicate with other computers over a network.

Prior to the WannaCry outbreak, many had never heard of ransomware. Ransomware is basically a form of malware whose purpose is to lock down your computer or mobile device and then extort you for money.

When a computer is infected by WannaCry, the ransomware steals all data on the hard drive and the user then must pay $300 in bitcoins in order to have that data released. If a victim does not pay in 3 days, the ransom doubles to $600. The ransomware threatens to delete all data on the infected hard drive if the ransom isn’t paid within a week.

This Is What Happens When You Don’t Update

Many virus and malware outbreaks are “zero-day” infections, meaning that they are brand new, and antivirus companies have not had a chance to create a fix. But this outbreak wasn’t a zero-day attack. It was a well-calculated attack that took full advantage of user laziness.

The protocol attacked by WannaCry is a known vulnerability that Microsoft released a patch for back in March. Microsoft Security Bulletin MS17-010 was originally published on March 14, 2017 to patch the vulnerabilities in Microsoft Server Message Block (SMBv1).

But there are many that can’t be bothered to regularly take a few minutes to update their computers or antivirus programs. As such, this left the door open, and hackers took full advantage. Those who update regularly were safe, and many of those who don’t became embroiled in hacker hell. Discover how your computer is at risk when you go online without protection!

Just to show how serious and widespread this threat was, Microsoft released a patch over the weekend that will fix vulnerabilities for Windows XP users. They haven’t supported XP since 2014.

The Latest in a Growing Threat

Ransomware functions differently than other malware programs. Typical malware software will gradually infect your computer and redistribute itself while allowing you to still access your machine. Some standard malware will inhibit functionality, such as programs that shut down web browsing.

What makes ransomware different from other malware is that it completely hijacks your device and then starts ransoming your computer and its data. It encrypts data so that you cannot access it without paying the ransom for the decryption key. Many users get scared and choose to pay the ransom rather than risk losing all their valuable computer contents.

Ransomware isn’t exactly a new thing, but it has increased in popularity in the last couple of years due to advancements in encrypting and the rise of bitcoin. Bitcoin doesn’t leave a paper trail for authorities to follow, so this makes it a breeding ground for hackers.

One of the best, and easiest ways to protect your browsing and keep yourself anonymous is by using a VPN.

How to Effectively Stop Ransomware

If you want to stop ransomware and protect your computer and mobile devices, there are several steps you should take:

 

  1.  Be smart about what you click on. Don’t click on suspicious-looking links, and don’t automatically open email file attachments, even if they appear to come from someone you know. Stop, check out the context of the email or site, and assess whether it’s a normal communication or if it might be a virus.
  2. Join the rest of us in the 21st century. Quit using old versions of Windows and upgrade to a newer version, especially if you are still on Windows XP or Vista. Older operating systems are no longer supported and are more vulnerable to attacks. Also, make sure you are regularly updating BOTH your operating system and your antivirus system. A majority of infections could have been avoided simply by regularly updating Windows. But if you forget to update (it happens), having good antivirus software with ransomware protection will keep you safe even if your OS is outdated.
  3. Don’t surf the web on public WiFi without using a VPN, as that provides a point of access to your device for hackers. Many of the infected devices could have avoided their fate by using VPNs and hiding their ISP. Some VPNs today also track and block suspicious links, preventing you from being infected to start with.

 

Well, you’ve been sufficiently warned. So if you’re not thrilled by the idea of forking over your money to a bunch of amoral hackers, remember to practice safe web habits, keep your software and antivirus protection updated, and use a VPN.